티스토리 뷰
반응형
Sometimes we want to find out where in a module the code parsing is done. In the example below, we want to find the code that parses the QuickTime video codecs that are in Windows media player. We know that the codecs support the raw, rle, jpeg, mjpb, and rpza tags, so all we need to do is to search for those tags in our module--in this case, the "quartz.dll" module.
The OllyEye hunter knows that it should check for the video codec’s tags such as code.equals ("rpza") and that in assembly it should be done with the CMP command that represents it. For this reason, it searches for the CMP command that matches the 'rpza' keyword.
The OllyEye hunter knows that it should check for the video codec’s tags such as code.equals ("rpza") and that in assembly it should be done with the CMP command that represents it. For this reason, it searches for the CMP command that matches the 'rpza' keyword.
OllyEyev0.1.rar'Reversing tools > 올리 플러그인' 카테고리의 다른 글
| FullDisasm v2.1 (2) | 2009.02.28 |
|---|---|
| StrongOD 0.2.3.322 (0) | 2009.02.28 |
| StrongOD 0.2.3.305 (0) | 2009.02.15 |
| FullDisasm_OllyDbg v2.0 (0) | 2009.02.15 |
| advancedolly1.28 (0) | 2009.01.29 |
| X_CRYPTO v1.2 (0) | 2009.01.17 |
| ODbgScript.1.66.3.VC6 (0) | 2009.01.11 |
댓글
반응형
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday
링크
TAG
- Reverse Engineering
- ollydbg mup
- DUP2
- Themida
- 미친소 수입반대
- ProtectionID
- OllyScriptEditor
- 리버스 엔지니어링
- 패처
- ollydbg scripts
- vmprotect
- StrongOD
- 미니 노트북
- ollydbg PLUGIN
- PECompact
- OllyDbg
- plugin
- Unpacking
- 리버싱은 내운명
- ollydbg ScriptEditor
- Memory Hacking Software
- Unpacker
- OllyDbg Plugins
- ODbgScript
- exeinfo pe
- ASProtect 1.32 - 1.41
- 한글화
- TTprotect
- crack
- 언패킹
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 |
글 보관함